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DETAILED ACTION 

• Applicant's amendment filed on October 27, 2008 has been entered. Currently 
claims 1-42 are pending in this application. Claims 34-42 are withdrawn from 
consideration. 

Response to Arguments 

1 . Applicant's arguments filed 10/27/2008 have been fully considered but they are 
not persuasive for the following reasons: 

• Regarding Independent claim 25 and 27, applicant argues that, "Applicants 
respectfully submit that England does not disclose at least the following elements 
of Claim 25: "rendering in part.., said first digital content; re-verifying.., that one 
of the [immediate downstream modules] is uncompromised; and transferring.., 
the first digital content to the re-verified immediate downstream module to 
further the rendering of the first digital content." Indeed, as set out in the passage 
from col. 14, above, England at best discloses merely a single verification step, 
"block 544 [verifies] that its signature is correct .... "England never discloses that 
a root digital content rendering module verifies downstream modules, partially 
renders a digital content, re-verifies a downstream module, and transfers the 
partly rendered digital content to the re-verified downstream module for further 
rendering, as claimed in Claim 25." 

> In reply, examiner would like to point out that England clearly discloses a root 
digital content rendering module verifies downstream modules at least at (see 
Fig. 4, and also Column 1 1 , lines 9-14, "As a practical matter, this can be 
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accomplished by placing binary resources in a CP secure DLL such as 441 
that name the digest or public key of other trusted modules. Upon initial load- 
-or later-the SM identifies the trusted modules , so that a call to them maps 
their pages.") and re-verifying a downstream module, and transfers the partly 
rendered digital content to the re-verified downstream module for further 
rendering (see. Column 8, lines 25-35, "The secure content-provider module 
441 , receiving trust from security manager 420, in turn entrusts a further, 
lower level of trust in other modules. In this case, the audio application 
confers trust upon a named audio-card driver module 450, which in turn 
names a secure portion 461 of the computer's audio processing stack 460 as 
worthy of trust for processing the premium audio content".) As disclosed by 
Column 1 1 , lines 9-14, SM identifies the trusted modules during an initial 
load, this is what examiner is interpreting as verification step and once the 
audio content is downloaded SM once again verify a downstream modules 
(such as secure content-provider module, audio-card driver module, and so 
on). Applicant further argues that England does not disclose "partially 
renders a digital content", in response to applicant's argument that the 
references fail to show certain features of applicant's invention, it is noted that 
the features upon which applicant relies (i.e., "partially renders a digital 
content") are not recited in the rejected claim(s). Although the claims are 
interpreted in light of the specification, limitations from the specification are 
not read into the claims. See In re Van Geuns, 988 F.2d 1 181 , 26 
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USPQ2cl 1057 (Fed. Cir. 1993). Claim only calls for "rendering in part with 
said root one of said modules said first digital content" and England at 
Columns 1 1 , lines 6-31 and also Column 9, lines 7-1 3, clearly discloses this 
feature ("A convenient way is to allow the content distributor to encrypt a data 
block that contains its keys or other secret data, and that names the digest or 
signer of the target secure content-provider module. The CP alone is able to 
decrypt the secrets, and only gives the secrets to the named CP or to a CP 
that meets the requirements of trust." " However, current application and OS 
architectures require multiple modules to work cooperatively in processing 
and rendering content. For example, an application program might decrypt 
audio, hand it to an OS component to be decompressed, which then hands 
the decompressed audio to a further component to send the audio data to the 
output device.") 

• Applicant further argues that, "Col. 8 lines 25- 35 are directed towards merely 
identifying trustworthy modules, not verifying and also re- verifying modules, as 
claimed in Claim 25. Col. 11 lines 6-31 are directed towards merely providing 
cryptographic services by a security manager, not a digital content rendering 
module, for identifying, not verifying, a trusted module, not a digital content 
rendering module." 

> Applicant's argument that England only identify and does not verify or re- 
verify modules is not found persuasive because England clearly discloses 
"For example, a first module trusted by a content distributor for handling the 
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digital content may designate another module specified by the first module as 
trusted for handling the digital content, where the other module is a hardware 
device, the first module verifies the identity of the hardware device and the 
first module grants access to a designated memory area to the hardware 
device. Trust can be established declaratlvely or programmatically, by naming 
the public key, digest, or other signature of other applications or modules that 
have access to some or all of their code or data in the secure storage." This 
part clearly discloses that upper modules simply does not identify the lower 
module but utilizes public key, digest or other signatures of the modules to 
perform both the identification and verification. 
• Regarding Claim 1 , applicant argues that, "In England, Fig. 4 includes "other 
non-secure modules." presumably such as those marked simply "DLL." 
However, in contrast to Claim 1 , these non-secure DLLs serve no part in 
rendering protected digital content . Similarly, at col. 14 lines 1-2, England 
discloses that in some circumstances, "manager 420 can be stored in a non- 
encrypted cleartext form." However, in contrast to Claim 1 , "manager 420" is 
not a digital content rendering module. Rather, England's components that 
may participate directly in rendering content exist several levels below 
manager 420. See, e.g., col. 8 lines 25-30.Thus, England never teaches or 
even suggests "selective combinations of the plain text digital content 
rendering modules to be selectively employed to render the recovered 
digital contents of the various types," as claimed in Claim 1 . Applicants can 
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discern no teaching or suggestion in Graunl^e tliat would remedy this defect. 
Accordingly, Applicants respectfully submit that for at least the reasons just 
discussed, Claim 1 is not obvious considering England in view of Graunke. 
Claims 2-17 and 29-33 also recite, either directly or by dependency, a similar 
plain text digital content rendering module element. Accordingly Applicants 
respectfully submit that Claims 2-17 and 29-33 are allowable at least by 
similar reasoning." 

> First of all examiner is interpreting Fig. 4, Numeral 441 , 460 and 451 as the 
plain text digital content rendering modules because England at Column 9, 
lines 10-13 discloses that "For example, an application program might decrypt 
audio, hand it to an OS component to be decompressed, which then hands 
the decompressed audio to a further component to send the audio data to the 
output device. The invention supports this architecture by allowing a module 
to name other modules that can have direct access to its memory space." 
And also at Column 8, lines 46-49, "In this example, application 440 (actuallv 
its secure DLL 441) states that it trusts code signed by the key of driver 460, 
and the secure audio stack trusts the driver named by digest, e.g., 
'0X1254BE\ Security manager 420, via its privileged interaction with memory 
manager 430, interprets and establishes these hierarchical trust relationships. 
Manager 430 also acts as a secure bus agent." These parts of England 
clearly disclose that secure DLL decrypts the content (since DLL decrypts the 
content to plain text, examiner is interpreting Numeral 441 to be the root plain 
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text digital content rendering module) hands it down to other modules for 
further processing. Applicant should note that only the application or it's 
secure DLL 441 can decrypt the content and other module receives the 
content in plain-text, therefore, England clearly discloses the plain text digital 
content rendering modules. Therefore, the rejection is maintained. 
• Regarding Claim 18, Applicant argues that, "Applicants respectfully submit 
that England does not teach or suggest a root digital content rendering 
module "to exclusively receive the various types of digital contents to be 
rendered, from a recovery module not part of the hierarchy of modules." 
On the contrary, at col. 3 lines 14-18, England specifically states, "[s]ecure 
pages handle premium content with a system of code modules in a hierarchy 
of trust, where a module names other modules that it is willing to trust, and 
those modules in turn name other modules that they are willing to trust." At 
most, England may disclose merely that a content provider at the low end of 
the trust hierarchy may be able to decrypt data. Applicants respectfully submit 
that in no case does England teach or even suggest that a root digital content 
rendering module may exclusively receive digital content from a recovery 
module that is not part of the hierarchy of modules and that is responsible for 
recovering the digital contents from their ciphered states, as claimed in Claim 
18. Applicants can discern no teaching or suggestion in Graunke that 
remedies this defect. Accordingly, Applicants respectfully submit that Claim 
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18 is not obvious considering England in view of Granke. Claims 19-24 
depend from Claim 18 and are allowable at least by dependency." 
> In response to applicant's arguments against the references individually, one 
cannot show nonobviousness by attacking references individually where the 
rejections are based on combinations of references. See In re Keller, 642 
F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091 , 
231 USPQ 375 (Fed. Cir. 1986). Examiner notes that tamper resistant digital 
content recovery module of England simply verifies the root module and 
provide root module with the decryption key (see, Column 11, lines 6-31). 
Therefore, root module of England does not recover the content from the 
tamper resistant digital content recovery module but only receive the 
decryption keys and then it decrypts the content itself. Therefore, England 
does not explicitly discloses a root position of the hierarchy to exclusively 
receive the various types of digital contents to be rendered, from a recovery 
module the recovery module being responsible for recovering the digital 
contents from their ciphered states. Examiner further notes that it is common 
in the art of cryptography to use tamper resistant digital content recovery 
module to not only verify and supply decryption keys but actually performing 
the decryption by the temper resistant module and returning the decrypted 
content to content rendering modules. Graunke discloses a temper resistant 
module (see Fig. 2, Numeral 52) that performs the decryption of the 
encrypted digital content and return the decrypted content (upon verification 
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of the rendering module) to the rendering module (see Fig. 4B, Numerals 124 
and 1 30).Therefore, it would have been obvious at the time invention was 
made to one of ordinary skill in the art to perform, with security manager of 
England, not only the verification and generation of decryption keys but also 
perform the actual decryption of the content by the security manager, as 
taught by Graunke because it improves the security of the apparatus of 
England by not transmitting the decryption keys to even trusted module so 
that trusted modules wont be able to re-render the encrypted document at a 
later time without the help of security manager. Therefore the combination of 
England and Graunke clearly discloses the argued claimed limitation. 



Claim Rejections - 35 USC § 102 

2. The following Is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed 
publication in this or a foreign country, before the invention thereof by the applicant for a patent. 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
states. 



(e) the invention was described in (1 ) an application for patent, published under section 1 22(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21 (2) 
of such treaty in the English language. 
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Claims 25-26 are rejected under 35 U.S.C. 102(e) as being anticipated by 
England et al. (US 6,775,779 B1 ). hereinafter England. 

Regarding Claim 25, England discloses a processor implemented method 
comprising: 

verifying with a root one of a plurality of hierarchically organized digital content 
rendering modules (see. Fig. 4, Numeral 441), that each module that occupies an 
immediate downstream position in the hierarchy of modules from the root module has 
not been compromised (see Column 8, lines 25-35) , during an initialization period 
(Column 11, line 12); 

exclusively receiving with the root one of the plurality of hierarchically organized 
digital content rendering modules a first digital content of a first type (See Column 1 1 , 
lines 6-31); 

rendering in part with said root one of said modules said first digital content (See 
Column 1 1 , lines 6-31 ); re-verifying with said root one of said modules that one of the at 
least one other one of the modules occupying an immediate downstream position in the 
hierarchy of modules from the root module is uncompromised (see Column 8, lines 25- 
35, Column 11, line 12); and 

transferring with said root one of said modules the first digital content to the re- 
verified immediate downstream module to further the rendering of the first digital content 
(see Column 8, lines 25-35). 

Regarding Claim 26, the rejection of claim 25 is incorporated and England 
further discloses wherein said root one verifies each immediate downstream module is 
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uncompromised by verifying tlie immediate downstream module's signature (see 
England, Column 8, lines 42-46). 

Claim Rejections - 35 USC § 103 
3. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
Invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the Invention was made. 

Claims 27-28 are reiected under 35 U.S.C. 103(a) as being unpatentable over 
England. 

Regarding Claim 27, the rejection of claim 25 is incorporated and England does 
not explicitly disclose wherein: 

the root one of the plurality of hierarchically organized plain text digital content 
rendering modules receiving a second protected digital content of the same first type; 
and 

said root one in conjunction with the same first at least one other one of said 
plurality of hierarchically organized digital content rendering modules rendering said 
second digital content, with said root ones re-verifying the same one of the first at least 
one other one that occupies an immediate downstream position in the hierarchy of 
modules from the root module is uncompromised before transferring the second digital 
content to the immediate downstream module to further the rendering of the second 
digital content. 
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Above limitations are identical to claim 25 with the difference that this time it is 
done on a second protected digital content of the same first type . 

Since the system of England is capable to receiving different types of digital 
contents (see England Column 7, lines 57-60), it would have been obvious at the time 
invention was made to one of ordinary skill in the art to perform the identical steps for 
the second protected digital content of the same first type as well, to provide secure 
loading of second protected digital content with the help of security manager of 
England's device. 

Regarding Claim 28, the rejection of claim 25 is incorporated and the 
combination of England and Graunke does not explicitly discloses: 

the root one of the plurality of hierarchically organized plain text digital content 
rendering modules receiving a second protected digital content of a second type; and 

said root one in conjunction with second at least one other one of said plurality of 
hierarchically organized digital content rendering modules rendering said second digital 
content, with said root one re-verifying one of the second at least one other one 
occupying an immediate downstream position in the hierarchy of modules from the root 
module is uncompromised before transferring the second digital content to the re- 
verified one of the second at least one other one occupying an immediate downstream 
position in the hierarchy of modules from the root module to further the rendering of the 
second digital content. 

Above limitations are identical to claim 25 with the difference that this time it is 
done on a second protected digital content of a second tvoe . 
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Since tlie system of England is capable to receiving different types of digital 
content (see England Column 7, lines 57-60), it would have been obvious at the time 
invention was made to one of ordinary skill in the art to perform the identical steps for 
the second protected digital content of the second type as well, to provide secure 
loading of second protected digital content with the help of security manager of 
England's device. 

Claims 1-24. and 29-33 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over England in view of Graunke et al. (US 5.991 .399). hereinafter 
Graunke. 

Regarding Claim 1, England discloses an apparatus comprising: 
a tamper resistant digital content recovery module (Fig. 4, Numeral 420, Column 
9, lines 52-54) to recover protected digital content of various type (see Column 14, lines 
18-34), the recovery module employing measure to hinder observation of operations 
performed therein (see. Column 3, lines 31-42); 

a plurality of plain text digital content rendering modules communicatively 
coupled with each other in a hierarchical manner forming a hierarchy of modules (see. 
Fig. 4, Numerals 441, 460, 451, also see Column 8, lines 35-52), with selective 
combinations of the plain text digital content rendering modules to be selectively 
employed to render the recovered digital contents of the various types (see. Column 8, 
lines 25-34), including one of the plain text digital content rendering modules occupying 
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a root position of the hierarchy to exclusively receive all types of the recovered digital 
contents to be rendered (see, Column 12, lines 25-39), 

one or more storage units operative to store said tamper resistant module (see, 
Column 13, lines 60-62) and said plurality of plain text digital content rendering modules 
(see, Fig. 4, Numerals 441, 460, and 451); and 

a processor coupled with the one or more storage units to execute the tamper 
resistant module and the plurality of plain text digital content rendering modules (see. 
Fig. 1, Numeral 131). 

Tamper resistant digital content recovery module of England simply verifies the 
root module and provide root module with the decryption key. Therefore, root module of 
England does not recover the content from the tamper resistant digital content recovery 
module but only receive the decryption keys and then it decrypts the content itself. 
Therefore, England does not explicitly discloses one of the plain text digital content 
rendering modules occupying a root position of the hierarchy to exclusively receive all 
types of the recovered digital contents to be rendered, from the tamper resistant digital 
content recoverv module . 

However, it is common in the art of cryptography to use tamper resistant digital 
content recovery module to not only verify and supply decryption keys but actually 
performing the decryption by the temper resistant module and returning the decrypted 
content to content rendering modules. 

Graunke discloses a temper resistant module (see Fig. 2, Numeral 52) that 
performs the decryption of the encrypted digital content and return the decrypted 
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content (upon verification of the rendering module) to the rendering module (see Fig. 
4B, Numerals 124 and 130). 

Therefore, it would have been obvious at the time invention was made to one of 
ordinary skill in the art to perform, with security manager of England, not only the 
verification and generation of decryption keys but also perform the actual decryption of 
the content by the security manager, as taught by Graunke because it improves the 
security of the apparatus of England by not transmitting the decryption keys to even 
trusted module so that trusted modules wont be able to re-render the encrypted 
document at a later time without the help of security manager. 

Regarding Claim 2, the rejection of claim 1 is incorporated and the combination 
of England and Graunke further discloses wherein the tamper resistant digital content 
recovery module is equipped to verify the plain text digital content rendering module 
occupying the root position of the hierarchy as not having been compromised, and to 
provide recovered digital content to the plain text digital content rendering module 
occupying the root position of the hierarchy, only upon having verified the plain text 
digital content rendering module occupying the root position of the hierarchy as not 
having been compromised (see England, Column 8, lines 9-18). 

Regarding Claim 3, the rejection of claim 2 is incorporated and the combination 
of England and Graunke further discloses wherein the tamper resistant digital content 
recovery module is equipped to verify the plain text digital content rendering module 
occupying the root position of the hierarchy, responsive to a request from the plain text 
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digital content rendering module occupying the root position of the hierarchy to recover 
a protected digital content (see England, Column 11, lines 6-31). 

Regarding Claim 4, the rejection of claim 3 is incorporated the combination of 
England and Graunke further discloses the tamper resistant digital content recovery 
module is equipped to verify the plain text digital content rendering module occupying 
the root position of the hierarchy by verifying a signature of the plain text digital content 
rendering module occupying the root position (see England, Column 8, lines 42-46). 

Regarding Claim 5, the rejection of claim 1 is incorporated and the combination 
of England and Graunke further discloses the hierarchy of modules includes a module 
occupying a non-leaf position in the hierarchy and a module occupying an immediate 
downstream position in the hierarchy from the non-leaf plain text digital content 
rendering module, and the non-leaf module is equipped to verify the immediate 
downstream module as not having been compromised (see England, Fig. 4 and also 
Column 8 lines 25-35). 

Regarding Claim 6, the rejection of claim 5 is incorporated and the combination 
of England and Graunke further discloses wherein the non-leaf modules is equipped to 
verify the immediate downstream module as not having been compromised, at least 
during initialization (see England, Column 11, lines 11-13). 

Regarding Claim 7, the rejection of claim 6 is incorporated and the combination 
of England and Graunke further discloses wherein the non-leaf modules is equipped to 
further verify the immediate downstream module remains un-compromised before each 



Application/Control Number: 10/075,471 Page 17 

Art Unit: 2435 

transfer of recovered digital content to the immediate downstream module (see 
England, Column 11, lines 20-31). 

Regarding Claim 8, the rejection of claim 5 is incorporated and the combination 
of England and Graunke further discloses wherein the a non-leaf modules is equipped 
to verify the immediate downstream module as not having been compromised by 
verifying a signature of the immediate downstream module (see England, Column 8, 
lines 42-46). 

Regarding Claim 9, the rejection of claim 1 is incorporated and the combination 
of England and Graunke further discloses wherein the digital content of various types 
comprises streaming media contents of a plurality of media, and of a plurality of format 
types (see England, Column 7, lines 56-60). 

Regarding Claim 10, the rejection of claim 1 is incorporated and the combination 
of England and Graunke further discloses wherein the apparatus is a selected one of a 
wireless mobile phone, a palm sized personal digital assistant, a notebook computer, a 
set-top box, a desktop computer, a single processor server, a multi-processor server, or 
a cluster of coupled systems (see England, Fig. 1). 

Regarding Claim 11, the rejection of claim 1 is incorporated and the combination 
of England and Graunke further discloses a first subset of the plain text digital content 
rendering modules are member modules of a first application domain (see England, Fig. 
4, Numeral 441), and a second subset of the plain text digital content rendering 
modules are member modules of a second application domain (see England, Fig. 4, 
Numerals 460 and 451). 
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Regarding Claim 12, England discloses a processor implemented method, 
comprising: 

a root one of a plurality of hierarchically organized plain text digital content 
rendering modules (see, Fig. 4, Numeral 441) collectively adapted to render digital 
contents of a plurality of types (see Column 12, lines 25-27); 

verifying with the tamper resistant digital content recovery module that said root 
one of the plurality of hierarchically organized plain text digital content rendering 
modules has not been compromised (see, Column 8, lines 9-18); 

rendering with said root one in conjunction with first at least one other one of said 
plurality of hierarchically organized plain text digital content rendering modules said first 
digital content (see, Column 10, lines 28-33); and 

verifying with said root one of the modules that one of the first at least one other 
one of the modules occupying an immediate downstream position in the hierarchy of 
modules from the root module, is uncompromised before transferring the first digital 
content to the verified immediate downstream module to further the rendering of the first 
digital content (see, Column 8, lines 25-35). 

Tamper resistant digital content recovery module of England simply verifies the 
root module and provide root module with the decryption key. Therefore, root module of 
England does not recover the content from the tamper resistant digital content recovery 
module but only receive the decryption keys and then it decrypts the content itself. 
Therefore, England does not explicitly requesting a tamper resistant digital content 
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recovery module to recover a first protected digital content of a first type; recovering 
with the tamper resistant digital content recovery module the first protected digital 
content in an obfuscated manner; and transferring the recovered first digital content to 
said root one of the plurality of hierarchically organized plain text digital content 
rendering modules. 

However, it is common in the art of cryptography to use tamper resistant digital 
content recovery module to not only verify and supply decryption keys but actually 
performing the decryption by the temper resistant module and returning the decrypted 
content to content rendering modules. 

Graunke discloses a temper resistant module (see Fig. 2, Numeral 52) that 
performs the decryption of the encrypted digital content and return the decrypted 
content (upon verification of the rendering module) to the rendering module (see Fig. 
4B, Numerals 124 and 130). 

Therefore, it would have been obvious at the time invention was made to one of 
ordinary skill in the art to perform, with security manager of England, not only the 
verification and generation of decryption keys but also perform the actual decryption of 
the content by the security manager, as taught by Graunke because it improves the 
security of the apparatus of England by not transmitting the decryption keys to even 
trusted module so that trusted modules wont be able to re-render the encrypted 
document at a later time without the help of security manager. 

Regarding Claim 13, the rejection of claim 12 is incorporated and the 
combination of England and Graunke further discloses wherein the tamper resistant 
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module verifies the root one of the plurality of hierarchically organized plain text digital 
content rendering modules by verifying the root one's signature (see England, Column 
8, lines 42-46). 

Regarding Claim 14, the rejection of claim 12 is incorporated and the 
combination of England and Graunke further discloses wherein said root one verifies 
the one of the first one other one that occupies an immediate downstream position in 
the hierarchy of modules from the root module is uncompromised by verifying the 
immediate downstream module' s signature (see Column 8, lines 25-35 and lines 42- 
46). 

Regarding Claim 15, the rejection of claim 13 is incorporated and the 
combination of England and Graunke further discloses wherein the method further 
comprises said root one verifies each module occupying an immediate downstream 
position in the hierarchy of modules from the root modules (see England, Column 8, 
lines 25-35) during initialization (see Column 11, line 12). 

Regarding Claim 16, the rejection of claim 16 is incorporated and the 
combination of England and Graunke does not disclose wherein: 

the root one of the plurality of hierarchically organized plain text digital content 
rendering modules requesting the tamper resistant digital content recovery module to 
recover a second protected digital content of the same first type; 

the tamper resistant digital content recovery module verifying that said root one 
of the plurality of hierarchically organized plain text digital content rendering modules 
has not been compromised; 
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the tamper resistant digital content recovery module recovering the second 
protected digital content in an obfuscated manner, and transferring the recovered 
second digital content to said root one of the plurality of hierarchically organized plain 
text digital content rendering modules; and 

said root one in conjunction with the same first at least one other one of said 
plurality of hierarchically organized digital content rendering modules rendering said 
second digital content, with said root one re-verifying the same immediate downstream 
module is uncompromised before transferring the second digital content to the 
immediate downstream module to further the rendering of the second digital content. 

Above limitations are identical to claim 12 with the difference that this time it is 
done on a second protected digital content of the same first type . 

Since the system of England is capable to receiving different types of digital 
content (see England Column 7, lines 57-60), it would have been obvious at the time 
invention was made to one of ordinary skill in the art to perform the identical steps for 
the second protected digital content of the same first type as well, to provide secure 
loading of second protected digital content with the help of security manager of 
England's device. 

Regarding Claim 17, the rejection of claim 12 is incorporated and the 
combination of England and Graunke does not explicitly discloses: 

the root one of the plurality of hierarchically organized plain text digital content 
rendering modules requesting the tamper resistant digital content recovery module to 
recover a second protected digital content of a second type; 
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the tamper resistant digital content recovery module verifying that said root one 
of the plurality of hierarchically organized plain text digital content rendering modules 
has not been compromised; 

the tamper resistant digital content recovery module recovering the second 
protected digital content in an obfuscated manner, and transferring the recovered 
second digital content to said root one of the plurality of hierarchically organized plain 
text digital content rendering modules; and 

said root one in conjunction with second at least one other one of said plurality of 
hierarchically organized digital content rendering modules rendering said second digital 
content, with said root one verifying one of the second at least one other one occupying 
an immediate downstream position in the hierarchy of modules from the root module is 
uncompromised before transferring the second digital content to the immediate 
downstream module to further the rendering of the second digital content. 

Above limitations are identical to claim 12 with the difference that this time it is 
done on a second protected digital content of a second type . 

Since the system of England is capable to receiving different types of digital 
content (see England Column 7, lines 57-60), it would have been obvious at the time 
invention was made to one of ordinary skill in the art to perform the identical steps for 
the second protected digital content of the second type as well, to provide secure 
loading of second protected digital content with the help of security manager of 
England's device. 

Regarding Claim 18, England discloses an apparatus comprising: 
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a plurality of digital content rendering modules communicatively coupled with 
each other in a hierarchical manner forming a hierarchy of modules (see, Fig. 4, 
Numerals 441 , 460, 451 ), with selective combinations of the modules to be selectively 
employed to protectively render digital content of various types (see. Column 1 1 , lines 
17-31), including one of said digital content rendering modules occupying a root position 
of the hierarchy (see. Fig. 4, Numeral 441) to exclusively receive the various types of 
digital contents to be rendered, using a recovery module (see Fig. 4, Numeral 420) not 
part of the hierarchy of modules, the recovery module employing measures to hinder 
observation of operations performed therein (Column 11, lines 52-54), and the root 
modules being operative for verifying a module occupying an immediate downstream 
position in the hierarchy of modules from the root module as not having been 
compromised (see. Column 8, lines 25-35); 

one or more storage units to store said plurality of digital content rendering 
modules (Fig. 1, numerals 110, 150, 151, 152); and a processor coupled with the one or 
more storage units to execute the digital content rendering modules (see. Fig. 1 , 
numeral 131). 

Tamper resistant digital content recovery module of England simply verifies the 
root module and provide root module with the decryption key. Therefore, root module of 
England does not recover the content from the tamper resistant digital content recovery 
module but only receive the decryption keys and then it decrypts the content itself. 
Therefore, England does not explicitly discloses a root position of the hierarchy to 
exclusively receive the various types of digital contents to be rendered, from a recovery 
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module the recovery module being responsible for recovering the digital contents from 
their ciphered states. 

However, it is common in the art of cryptography to use tamper resistant digital 
content recovery module to not only verify and supply decryption keys but actually 
performing the decryption by the temper resistant module and returning the decrypted 
content to content rendering modules. 

Graunke discloses a temper resistant module (see Fig. 2, Numeral 52) that 
performs the decryption of the encrypted digital content and return the decrypted 
content (upon verification of the rendering module) to the rendering module (see Fig. 
4B, Numerals 124 and 130). 

Therefore, it would have been obvious at the time invention was made to one of 
ordinary skill in the art to perform, with security manager of England, not only the 
verification and generation of decryption keys but also perform the actual decryption of 
the content by the security manager, as taught by Graunke because It Improves the 
security of the apparatus of England by not transmitting the decryption keys to even 
trusted module so that trusted modules wont be able to re-render the encrypted 
document at a later time without the help of security manager. 

Regarding Claim 19, the rejection of claim 18 is Incorporated and the 
combination of England and Graunke further discloses wherein the hierarchy of 
modules includes a module occupying a non-leaf position in the hierarchy and a module 
occupying an immediate downstream position in the hierarchy from the non-leaf 
module, and the non-leaf module is equipped to verify the immediate downstream 
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module as not having been compromised (see England, Column 8, lines 25-35), at least 
during initialization (see Column 11, line 12). 

Regarding Claim 20, the rejection of claim 18 is incorporated and the 
combination of England and Graunke further discloses wherein the hierarchy of 
modules includes a module occupying a non-leaf position in the hierarchy and a module 
occupying an immediate downstream position in the hierarchy from the non-leaf 
module, and the non-leaf modules is equipped to further verify to the immediate 
downstream module remains uncompromised before each transfer of digital contents to 
the immediate downstream digital content rendering module (see England, Column 8 
lines 25-35 and Column 8, lines 42-46). 

Regarding Claim 21, the rejection of claim 21 is incorporated and the 
combination of England and Graunke further discloses wherein the hierarchy of 
modules includes a module occupying a non-leaf position in the hierarchy and a module 
occupying an immediate downstream position in the hierarchy from the non-leaf 
module, and the non-leaf module is equipped to verify the immediate downstream 
module as not having been compromised, by verifying a signature of the immediate 
downstream modules (see England, Column 8, lines 42-46). 

Regarding Claim 22, the rejection of claim 18 is incorporated and the 
combination of England and Graunke further discloses wherein the digital content of 
various types comprises streaming media contents of a plurality of media, and of a 
plurality of format types (see England, Column 7, lines 56-60). 
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Regarding Claim 23, the rejection of claim 18 is incorporated and the 
combination of England and Graunke further discloses wherein the apparatus is a 
selected one of a wireless mobile phone, a palm sized personal digital assistant, a 
notebook computer, a set-top box, a desktop computer, a single processor server, a 
multi-processor server, or a cluster of coupled systems (see England, Fig. 1 ). 

Regarding Claim 24, the rejection of claim 18 is incorporated and the 
combination of England and Graunke further discloses a first subset of the plain text 
digital content rendering modules are member modules of a first application domain 
(see England, Fig. 4, Numeral 441), and a second subset of the plain text digital content 
rendering modules are member modules of a second application domain (see England, 
Fig. 4, Numerals 460 and 451). 

Regarding Claim 29, England discloses an article of manufacture comprising: 

a recordable medium (see Fig. 1, Numerals 110, 151, 152); 

a first plurality of programming instructions recorded on said recordable medium, 
said first programming instructions adapted to program a computing device to 
implement on the computing device a tamper resistant digital content recovery module 
(Fig. 4, Numeral 420, Column 9, lines 52-54) to recover protected digital contents of 
various types (see Column 14, lines 18-34), the recovery module employing measures 
to hinder observation of operations performed therein (see. Column 3, lines 31-42); and 

a second plurality of programming instructions recorded on said recordable 
medium (see. Fig. 4, Numeral 441, 460, 451, also see Column 8, lines 35-52), said 
second programming instructions operative to program a computing device to 
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implement on tlie computing device a plurality of plain text digital content rendering 
modules (see, Column 8, lines 25-34), said rendering modules communicatively 
coupled with each other in a hierarchical manner to form a hierarchy of modules the 
plain text digital content rendering modules being selectively employed in combination 
to render the recovered digital contents of the various types (see, Column 8, lines 25- 
35) including one of the plain text digital content rendering modules occupying a root 
position of the hierarchy (see, Fig. 4, Numeral 441) to exclusively receive all types of the 
recovered digital contents to be rendered (See Column 11, lines 6-31). 

a root position of the hierarchy (see, Fig. 4, Numeral 441) to exclusively receive 
all types of the recovered digital contents to be rendered from the tamper resistant 
digital content recovery module 

Tamper resistant digital content recovery module of England simply verifies the 
root module and provide root module with the decryption key. Therefore, root module of 
England does not recover the content from the tamper resistant digital content recovery 
module but only receive the decryption keys and then it decrypts the content itself. 
Therefore, England does not explicitly disclose a root position of the hierarchy to 
exclusively receive all types of the recovered digital contents to be rendered from the 
tamper resistant digital content recoverv module. 

However, it is common in the art of cryptography to use tamper resistant digital 
content recovery module to not only verify and supply decryption keys but actually 
performing the decryption by the temper resistant module and returning the decrypted 
content to content rendering modules. 
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Graunke discloses a temper resistant module (see Fig. 2, Numeral 52) that 
performs the decryption of the encrypted digital content and return the decrypted 
content (upon verification of the rendering module) to the rendering module (see Fig. 
4B, Numerals 124 and 130). 

Therefore, it would have been obvious at the time invention was made to one of 
ordinary skill in the art to perform, with security manager of England, not only the 
verification and generation of decryption keys but also perform the actual decryption of 
the content by the security manager, as taught by Graunke because it improves the 
security of the apparatus of England by not transmitting the decryption keys to even 
trusted module so that trusted modules wont be able to re-render the encrypted 
document at a later time without the help of security manager. 

Regarding Claim 30, the rejection of claim 29 is incorporated and the 
combination of England and Graunke further discloses wherein the tamper resistant 
digital content recovery module is equipped to verify the plain text digital content 
rendering module occupying the root position of the hierarchy as not having been 
compromised, and to provide recovered digital content to the plain text digital content 
rendering module occupying the root position of the hierarchy, only upon having verified 
the plain text digital content rendering module occupying the root position of the 
hierarchy as not having been compromised (see England, Column 8, lines 9-18). 

Regarding Claim 31, the rejection of claim 29 is incorporated and the 
combination of England and Graunke further discloses wherein the hierarchy of 
modules includes a module occupying a non-leaf position in the hierarchy and a module 
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occupying an immediate downstream position in tlie liierarcliy from the non-leaf plain 
text digital content rendering module, and the non-leaf module is equipped to verify the 
immediate downstream module as not having been compromised (see England, Fig. 4 
and also Column 8 lines 25-35). 

Regarding Claim 32, the rejection of claim 30 is incorporated and the 
combination of England and Graunke further discloses the digital content of various 
types, comprises streaming media contents of a plurality of media, and of a plurality of 
format types (see England, Column 7, lines 56-60). 

Regarding Claim 33, the rejection of claim 33 is incorporated and the 
combination of England and Graunke further discloses the recordable medium is a 
selected one of a magnetically recordable medium and an optically recordable medium 
(see. Fig. 1, Numerals 110, 151 and 152). 

Conclusion 

4. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
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the advisory action. In no event, liowever, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to YOGESH PALIWAL whose telephone number is 
(571)270-1807. The examiner can normally be reached on M-F: 7:30 AM - 5:00 PM 
EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (571 ) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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/Kimyen Vu/ 
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